Italian email provider Email.it hacked with data on sale
Just recently it was discovered that an Italian email provider by the name of Email.it was hacked resulting in a data breach for its 600,000 customers.
Apparently made by a band that goes by the name of “NoName (NN);” the group claimed that the actual violation took place in 2018 by posting the following on its website:
We breached Email.it datacenter over 2 years ago and we’re crashing like an APT. We took all the sensitive data possible from their server and then chose to give them a chance to mend their holes by asking for a small premium. They refused to talk to us and continued to cheat on their users / customers. They did not contact their users / customers after violations!
The small premium in the message refers to a request for a certain amount of money that the email provider refused to pay. Instead, they implicated the Italian Postal Police (CNAIPIC) in hackers who released their data to the dark web in retaliation.
See: Maze ransomware group hacks oil giant; online data breach
Currently sold data is offered in different categories with prices ranging from 0.5 Bitcoins ($ 3,700) to 3 Bitcoins ($ 22,200) as shown in the photo below.
Detailing the nature of the hack, they also posted a Tweet:
As the tweet shows, the hacker managed to gain access to 44 databases during the process whose names were also revealed in the screenshot:
These, they claim, contain users’ email addresses, their passwords, security questions, SMS messages and the specific directories in which they have been stored giving information about the layout of the databases. .
In addition, the text messages of sent emails can also be viewed with visible sender information as well as time stamp.
But that’s not all. As shown in the photo below, beyond the emails, details of other web applications hosted by email.it were also leaked, including their source code.
As for Email.it’s response, ZDNET reported that in a statement from the supplier to them, the supplier clarified that no financial information had been disclosed or paid commercial account data as it is stored on separate servers. In addition, the server has also been fixed.
In conclusion, this raises serious questions about the credibility of Email.it itself. For starters, they were supposed to report such a breach in accordance with the European General Data Protection Regulation (GDPR), which they did not do.
Second, storing sensitive credentials in plain text is frankly a rookie mistake, not a mistake an email provider on this scale should make.
See: Anonymous steals 1 terabyte of passwords at Expo 2015 in Italy
In the near future, we expect them to apologize honestly to all customers and work on improving their security mechanisms both in terms of encryption and access control for their servers.
It wouldn’t be surprising, however, if masses of customers decide not to continue their service, especially with a ton of other more secure options available in the market.